firewall port range

Greetings,

Today I found this Cobbler snippet for iptables for one of our deployment profiles for RHEL 6.

"firewall --service=ssh --port=5555:tcp,9999:tcp,6666:tcp,8090:tcp,8091:tcp,8093:tcp,8585:tcp,12503:tcp,12603:tcp,15000:tcp,15001:tcp,15002:tcp,15005:tcp,15006:tcp,16000:tcp,16001:tcp,16002:tcp,16003:tcp,16004:tcp,16005:tcp,16006:tcp,16007:tcp,16008:tcp,16009:tcp,16010:tcp,16011:tcp,16012:tcp,16013:tcp,16014:tcp,16015:tcp,16016:tcp,16017:tcp,16018:tcp,16019:tcp,16020:tcp,16021:tcp,16022:tcp,16023:tcp,16024:tcp,16025:tcp"

This just looks ridiculous...

Is there no way to specify a port range?

Responses

-m multiport --dports XXX,YYY,ZZZ

or

-m multiport --dports XXX:ZZZ

or even a mix

-m multiport --dports XXX:YYY,ZZZ

Hi Tom,

Are you sure this works in kickstart at the firewall option?

I suppose this could be used during the %post section in the kickstart.
The kickstart would then contain two sections of firewall configuration, one using the firewall kickstart option and one section of firewall configuration in the %post...

I can't find any explanation for applying a port range in Red Hat's Installation Guide - kickstart options (https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Installation_Guide/s1-kickstart2-options.html) under "firewall (optional)"
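
The multiport syntax from the first reply, applied to the port list in the question, as an added example that is not part of the thread: the script merges consecutive ports into ranges and prints rules in iptables-save format. It assumes TCP only, the INPUT chain, and that the lines are added to the ruleset from %post; a multiport rule takes at most 15 ports and a range counts as two, so longer lists are split across rules.

```shell
#!/bin/bash
# Added example: TCP only; chain INPUT and the rule layout are assumptions.

# "5555:tcp,6666:tcp" -> "5555,6666", consecutive ports merged into lo:hi
collapse_ports() {
    local start="" prev="" out="" p
    for p in $(printf '%s\n' "$1" | sed 's/:tcp//g' | tr ',' '\n' | sort -n -u); do
        # Reject anything that is not a plain decimal port in 1..65535.
        case $p in ''|0*|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;; esac
        [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
        if [ -z "$start" ]; then
            start=$p
        elif [ "$p" -ne $((prev + 1)) ]; then
            out="$out,$start"; [ "$start" -ne "$prev" ] && out="$out:$prev"
            start=$p
        fi
        prev=$p
    done
    [ -n "$start" ] || return 0
    out="$out,$start"; [ "$start" -ne "$prev" ] && out="$out:$prev"
    printf '%s\n' "${out#,}"
}

emit_rule() {
    printf '%s\n' "-A INPUT -p tcp -m state --state NEW -m multiport --dports $1 -j ACCEPT"
}

# Split a collapsed list into rules of at most 15 port slots (range = 2 slots).
multiport_rules() {
    local chunk="" used=0 item cost
    for item in $(printf '%s\n' "$1" | tr ',' '\n'); do
        case $item in *:*) cost=2 ;; *) cost=1 ;; esac
        if [ $((used + cost)) -gt 15 ]; then
            emit_rule "$chunk"
            chunk=""; used=0
        fi
        chunk="${chunk:+$chunk,}$item"
        used=$((used + cost))
    done
    if [ -n "$chunk" ]; then emit_rule "$chunk"; fi
}

# Port list copied from the kickstart line quoted in the question.
PORTS="5555:tcp,9999:tcp,6666:tcp,8090:tcp,8091:tcp,8093:tcp,8585:tcp,12503:tcp,12603:tcp,15000:tcp,15001:tcp,15002:tcp,15005:tcp,15006:tcp,16000:tcp,16001:tcp,16002:tcp,16003:tcp,16004:tcp,16005:tcp,16006:tcp,16007:tcp,16008:tcp,16009:tcp,16010:tcp,16011:tcp,16012:tcp,16013:tcp,16014:tcp,16015:tcp,16016:tcp,16017:tcp,16018:tcp,16019:tcp,16020:tcp,16021:tcp,16022:tcp,16023:tcp,16024:tcp,16025:tcp"
multiport_rules "$(collapse_ports "$PORTS")"
```

For the list in the question this yields a single rule, since the collapsed list uses exactly 15 slots.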
